You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@mesos.apache.org by "Benjamin Mahler (Jira)" <ji...@apache.org> on 2020/04/07 22:55:00 UTC

[jira] [Commented] (MESOS-10110) libprocess: check protobuf (de)serialisation success

    [ https://issues.apache.org/jira/browse/MESOS-10110?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17077628#comment-17077628 ] 

Benjamin Mahler commented on MESOS-10110:
-----------------------------------------

[~Charle] for some reason I seem to be unable to add you to the contributors role so that I can assign this to you, filed INFRA-20092.

> libprocess: check protobuf (de)serialisation success
> ----------------------------------------------------
>
>                 Key: MESOS-10110
>                 URL: https://issues.apache.org/jira/browse/MESOS-10110
>             Project: Mesos
>          Issue Type: Bug
>          Components: libprocess
>            Reporter: Charles
>            Priority: Major
>
> Before the code didn't check at all the return value of
>  {{Message::SerializeToString}}, which can fail for various reasons,
>  e.g. out-of-memory, message too large, or invalid UTF-8 string.
>  Also, the way deserialisation was checked for error using
>  {{Message::IsInitialized}} doesn't detect errors such as the above,
>  we need to check {{Message::ParseFromString}} return value.
> {{}}
> We noticed this at work because our custom executor had a bug causing it to send invalid/non-UTF8 {{mesos.TaskID}}, but it was successfully serialised by the executor (driver), and deserialised by the framework, which was blowing it to blow up at later point far from the original source of the problem.
> More generally we want to catch such invalid messages - which can happen for a variety of reasons - as early as possible.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)